Securing wordpress: How to secure your wordpress site like a military man

Wordpress security is very essential for everybody. There are two phases relating wordpress security; one is basic security  for newbies to implement at early stages and another is advanced wordpress security, which has to be implemented after completing customizations in a Wordpress website.

In this post I will share amalgam of both the security tips to keep wordpress security simple and secure.

Not using admin URL to login:This can be tricky to understand at first, but it’s easy. Everyone knows about default wordpress values and can try to exploit them to gain access or crash wordpress website.

Admin login URL can be subjected to brute force attacks. Brute force attacks either will crack the password of your admin account or will crash your website due to heavy load on server during bruteforcing.

Locking access to .htaccess and wp-config.php: .htaccess and wp-config are most crucial part of wordpress core.

They hold important access rules to whole wordpress website.

Sometimes loopholes to web server or any plugin can allow access to these files, giving them authority to edit and make unauthorized changes, which can shut down whole website’s security.

To block access to wp-config.php, add this code to .htaccess.

<Files wp-config.php>

order allow,deny

deny from all

</Files>

To block access to .htaccess add this code to .htaccess

<Files .htaccess>

order allow,deny

deny from all

</Files>

Disallow file editing in dashboard: If someone gains access to your dashboard, they can easily make changes to your theme files or add malicious code to your site.

To disallow site editing, you can embed this code in wp-config.php and block editing.

define('DISALLOW_FILE_EDIT', true);

These are some tips for securing your wordpress website, which can help you in a long run.

Before making these changes, make sure you have completed customization and are ready to go live with some functionalities like blog posting, adding images in gallery etc.